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earned patent term adjustment See 37 CFR 1 704(b). 
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I) 13 Responsive to communication(s) filed on 11/13/2007 . 

2a)D This action is FINAL. 2b)(EI This action is non-final. 
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closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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5) D Claim(s) is/are allowed. 

6) M Claim(s) 1-12 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10)13 The drawing(s) filed on 12 March 2004 is/are: a)(E) accepted or b)D objected to by the Examiner. 
Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

I I) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
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1.13 Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 

3-D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . Claims 1 -1 2 are pending. 

Information Disclosure Statement 

2. Applicant indicated that an updated IDS including dates for NPL references was 
included along with the response to office action. Examiner was unable to locate the 
updated IDS. Examiner respectfully requests the IDS be resubmitted. 

Response to Arguments 

3. Applicant's arguments with respect to claims 1-12 have been considered but are 
moot in view of the new ground(s) of rejection. 



Claim Rejections - 35 USC § 103 



The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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1. Claims 1-2, 4-8, and 10-12 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Kahn US Patent No. 7,185,192 in view of Ho US Patent No. 
6,148342. 

2. With regards to claims 1, 7, Kahn teaches an electronic data processing facility 
adapted to run an operating system for configuring the data processing facility and an 
application program for editing data comprising (Kahn, column 12 line 48 - column 13 
line 15) a data store for storing the data (Kahn, Figure 1 Item 350-3, column 19 lines 49- 
55, managed resource database), and a user object memory for storing user objects for 
authenticating and documenting access to the data (Kahn, column 18 lines 15-35, users 
accounts and user/groups/role identities, Figure 1 Items 350-1 and 350-2), and for 
storing an authentication user object which is assignable a data access right at the level 
of the operating system (Kahn, column 18 lines 35-45, identity of a role is determined) 
and which is assignable to a plurality of documentation user objects for authenticating 
the data access right to the documentation user objects (Kahn, column 19 lines 49-63, 
identity and role is combined with access type and resource identifier to make an 
access request which is authenticated). Kahn discloses a log and audit database but 
fails to disclose the specific functionality of a documentation memory for storing 
documentation data for documenting access to the data and the user object memory 
being further for storing documentation user objects storable in the documentation 
memory at the level of the application program for the purpose of documenting access 
to the data. However, Ho teaches a documentation memory for storing documentation 
data for documenting access to the data and the user object memory being further for 
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storing documentation user objects storable in the documentation memory at the level 
of the application program for the purpose of documenting access to the data (Ho, 
column 5 lines 21-43, log). At the time the invention was made, it would have been 
obvious to a person of ordinary skill in the art to utilize Ho's method of logging because 
it offers the advantage of improving security by allowing an auditor to determine if there 
are data access irregularities which would suggest an intruder attempted to or 
succeeded in accessing data (Ho, column 5 lines 21-43, log). 

3. With regards to claims 2, 8, Kahn as modified teaches a security check is 
performed (Kahn, column 18 lines 20-25, login process and authentication) to identify a 
user prior to accessing the data (Kahn, column 18 lines 20-30, validates information 
from user, column 18 lines 36-40, identity is determined before request) and wherein a 
documentation user object and an authentication user object are assignable to a user 
on the basis of a result of the security check (Kahn, column 18 lines 25-35, user 
identifier and role are assigned). 

4. With regards to claims 4, 10, Kahn as modified teaches the user object 
memory is connected to the data processing facility via a connection suitable for data 
communication (Kahn, Figure 1, column 12 lines 50-55). 

5. With regards to claims 5 and 11, Kahn teaches a method for the processing of 
electronic data by a user using an electronic data processing facility, adapted to run an 
operating system for configuring the data processing facility and an application program 
editing the data (Kahn, column 12 line 48 - column 13 line 15) comprising: identifying 
the user as a documentation user object (Kahn, column 18 lines 15-20 and 35-45, user 



Application/Control Number: 10/798,961 Page 5 

Art Unit: 2134 

accounts), identifying the user as an authentication user object (Kahn, column 18 lines 
15-20, 35-45, and 51-64, role object provides for authentication of access requests), 
assigning the authentication user object a right to access data at the level of the 
operating system (Kahn, column 21 lines 4-21, objects may require a particular role for 
access, column 18 lines 15-35, role is assigned upon login) wherein a plurality of users 
are identifiable by the same authentication user object and are authenticable for the 
same data access right (Kahn, column 18 lines 15-20 and 35-45, role can identify a 
plurality of users). Kahn discloses a log and audit database but fails to disclose the 
specific functionality of a documentation memory for storing documentation data for 
documenting access to the data and the. user object memory being further for storing 
documentation user objects storable in the documentation memory at the level of the 
.application program for the purpose of documenting access to the data. However, Ho 
teaches a documentation memory for storing documentation data for documenting 
access to the data and the user object memory being further for storing documentation 
user objects storable in the documentation memory at the level of the application 
program for the purpose of documenting access to the data (Ho, column 5 lines 21-43, 
log). At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to utilize Ho's method of logging because it offers the advantage 
of improving security by allowing an auditor to determine if there are data access 
irregularities which would suggest an intruder attempted to or succeeded in accessing 
data (Ho, column 5 lines 21-43, log). 
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6. With regards to claims 6 and 12, Kahn as modified teaches a storage medium 
on which information is stored adapted to interact with an electronic data processing 
facility in order to carry out the method of claim 5 (Kahn, Figure 1, column 19 lines 33- 
55, resource server, managed resources database). 

7. Claims 3 and 9 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Kahn US Patent No. 7,185,192 and Ho US Patent No. 6,148342, as applied to 
claims 1 and 5 above, and in further view of Wood et al US Patent No. 6,892,307. 

8. With regards to claim 3 and 9, Kahn as modified fails to specifically teach at 
least one of a device for checking biometric data, a device for checking at least one of a 
mechanical and electronic key and a device for checking a chip card to perform the 
security check. However, Wood teaches at least one of a device for checking biometric 
data, a device for checking at least one of a mechanical and electronic key and a device 
for checking a chip card to perform the security check (Wood, column 4 lines 38-50, 
evidence including retina, fingerprint, voiceprint, smart card, and keys). At the time the 
invention was made, it would have been obvious to a person of ordinary skill in the art to 
utilize Wood's method of authentication because it provides the advantage of multiple 
forms of authentication evidence thus allowing for multiple levels of trust to be 
established for a user based upon which authentication mechanisms are used (Wood, 
column 2 lines 29-44). 



Conclusion 
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The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

9. Gullotta et al US Patent No. 6,947,989 discloses a method for provisioning 
resources to users based on policies, roles, organizational information, and attributes. 

10. High, Jr. et al US Patent No. 7,124,192 discloses a role permission model for 
security policy administration and enforcement. 

1 1 . Barkley et al US Patent No. 6,202,066 discloses an implementation of role/group 
permission association using object access type. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andrew L. Nalven whose telephone number is 571 272 
3839. The examiner can normally be reached on Monday - Thursday 8-6, Alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571 272 381 1 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




